Skip to main content
CVE-2022-27966 MEDIUM POC This Month

Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Xshell
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-27965 MEDIUM POC This Month

Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Xlpd
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-27964 MEDIUM POC This Month

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Xmanager
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-27963 MEDIUM POC This Month

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Xftp
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-0350 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Vditor
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-42868 MEDIUM POC This Month

A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Patient Management Software
NVD VulDB
CVSS 3.1
4.8
EPSS
0.8%
CVE-2022-22311 MEDIUM PATCH This Month

IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Security Verify Access
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-23183 MEDIUM This Month

Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced Custom Fields Pro versions prior to 5.12.1 allows a remote authenticated attacker to view the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Advanced Custom Fields
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2022-24794 MEDIUM PATCH This Month

Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Google Open Redirect Express Openid Connect
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-27496 MEDIUM This Month

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zero Channel Plus
NVD
CVSS 3.1
6.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy